Jump to content

[SOLVED] Making form feild required before submitting it


Dada78

Recommended Posts

  • Replies 90
  • Created
  • Last Reply

A variable is not defined.

 

Try defining these variables: $error, $email, $password:

 

$error = "";

$email = $_POST['email'];

$pwd = $_POST['password'];

 

NOTE: IN YOUR SECOND QUERY, YOU'RE USING THE PASSWORD YOU'RE USING TO CONNECT TO YOUR DATABASE, WHICH IS WHY I RENAMED THE POST ONE TO $pwd.

 

So just put those after mysql_select_db()

Link to comment
Share on other sites

Ok changing this line

 

$num_rows = mysql_num_rows($qry) or die(mysql_error());

 

changing it to this removing the or die statement like this

 

$num_rows = mysql_num_rows($qry);

 

Then adding this after the mysql_select_db()

 

$error = "";
$email = $_POST['email'];
$pwd = $_POST['password'];

 

 

Has seemed to have got it working and all errors are working now if a feild is left empty or if a email is tried to be registered that is already registered which is perfect.

 

Only one small tweak I would like to adjust that I noticed during testing and I know this can be done so if someone can help me or point me to someplace where I can read how to do this.

 

When someone registers, they can use anything for an email and what I mean is it doesn't have to be an email and just just be a word. What can I add that will make sure it is a email they are registering. I remember seeing this before but can't find nothing.

 

-Thanks

Link to comment
Share on other sites

Well you can first check if it's in an email format using preg_match.

 

preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$_POST['email'])

So that should check the email before you even attempt to add it to the database.

 

Find:

            if(get_magic_quotes_gpc()))
            {
                $product_name        = stripslashes($_POST['email']);
                $product_description = stripslashes($_POST['password']);
            }
            else
            {
                $product_name        = $_POST['email'];
                $product_description = $_POST['password'];
            }

 

Add BELOW:

if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name,"Registration","Something")) $error = "Invalid email";
else {

See where it says Registration and Something, you should probably edit that.

 

Find:

if(isset($_POST['email']))
    $email = $_POST['email'];
else
    $email = '';

 

Add ABOVE:

}

Link to comment
Share on other sites

if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name,"Registration","Something")) $error = "Invalid email";
else {

See where it says Registration and Something, you should probably edit that.

 

Yea that preg match is what I remember seeing.

 

I noticed the registration and something in the code. What should that be changed to and shouldn't $product_name be changed also? Should that be changed to from $product_name to $email since I assume that would be the variable? Is that correct?

 

I am getting this error though

 

Parse error: syntax error, unexpected T_ELSE in /home/mesquit1/public_html/local/register.php on line 70

 

Here is the code

 

<?php

ini_set('display_errors', 1);
ini_set('error_reporting', E_ALL | E_STRICT);

// here, we check if the form has been submitted, because we need to handle
// redirection before we handle outputting the HTML stuff.
if (isset($_POST['submit']))
{
    if (empty($_POST['email']) || empty($_POST['password']))
    {
        $error = 'Please fill in all fields.';  // here, they have not filled in either the username OR the password.  Set an error.
    }
    else
    {
        // MAKE CONNECTION
        include ('db_connect.php');

        // connect to the mysql server
        $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error());

        // select the database
        mysql_select_db($database) or die ("Could not select database because ".mysql_error());

        $error = "";
        $email = $_POST['email'];
        $pwd = $_POST['password'];

        // check if the email is taken (safe query):
        $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'",
                mysql_real_escape_string($_POST['email']));
        $qry = mysql_query($query) or die ("Could not match data because ".mysql_error());
        $num_rows = mysql_num_rows($qry);
        if ($num_rows < 1)
        {
            // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON.
            if(get_magic_quotes_gpc())
            {
                $product_name        = stripslashes($_POST['email']);
                $product_description = stripslashes($_POST['password']);
            }
            else
            {
                $product_name        = $_POST['email'];
                $product_description = $_POST['password'];
            }

         if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name,"Registration","Something"))                               $error = "Invalid email";
else {

            // Make a safe query
            $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')",
                    mysql_real_escape_string($email, $link),
                    mysql_real_escape_string($password, $link));
            $result = mysql_query($query, $link);

            // If there is no result, or there was not at least 1 row affected, die...
            if(!$result || mysql_affected_rows() < 1)
            {
                $error = 'Could not insert user because ' . mysql_error();
            }
            else
            {
                // redirect them to the user account page, because we successfully ran the SQL
                // notice how we haven't output ANYTHING to the browser yet- header() works
                header('Location: user.php');
                exit();
            }
        }
        else
        {
            $error = 'That email is already in use, please select a different one.';
        }

    }

}
}

// If they've posted but there was an error, kindly show their email address for them again.
if(isset($_POST['email']))
    $email = $_POST['email'];
else
    $email = '';

?>

 

Link to comment
Share on other sites

We appreciate you use the


tags but for codes that long, please use


tags. Thanks :)

 

The $product_name shouldn't be changed as it refers to the $_POST['email'] and that's what you want, right?

Change the "Registration" text to the subject of the email.

Change the "Something" text to the body message of the email.

 

And I'm sorry about that error. This should work:

<?php

ini_set('display_errors', 1);
ini_set('error_reporting', E_ALL | E_STRICT);

// here, we check if the form has been submitted, because we need to handle
// redirection before we handle outputting the HTML stuff.
if (isset($_POST['submit']))
{
    if (empty($_POST['email']) || empty($_POST['password']))
    {
        $error = 'Please fill in all fields.';  // here, they have not filled in either the username OR the password.  Set an error.
    }
    else
    {
        // MAKE CONNECTION
        include ('db_connect.php');

        // connect to the mysql server
        $link = mysql_connect($host, $username, $password) or die ("Could not connect to mysql because ".mysql_error());

        // select the database
        mysql_select_db($database) or die ("Could not select database because ".mysql_error());

        $error = "";
        $email = $_POST['email'];
        $pwd = $_POST['password'];

        // check if the email is taken (safe query):
        $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'",
                mysql_real_escape_string($_POST['email']));
        $qry = mysql_query($query) or die ("Could not match data because ".mysql_error());
        $num_rows = mysql_num_rows($qry);
        if ($num_rows < 1)
        {
            // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON.
            if(get_magic_quotes_gpc())
            {
                $product_name        = stripslashes($_POST['email']);
                $product_description = stripslashes($_POST['password']);
            }
            else
            {
                $product_name        = $_POST['email'];
                $product_description = $_POST['password'];
            }

        if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name,"Registration","Something")) $error = "Invalid email";
	else {

            // Make a safe query
            $query = sprintf("INSERT INTO users (`email`, `password`) VALUES ('%s', '%s')",
                    mysql_real_escape_string($email, $link),
                    mysql_real_escape_string($password, $link));
            $result = mysql_query($query, $link);

            // If there is no result, or there was not at least 1 row affected, die...
            if(!$result || mysql_affected_rows() < 1)
            {
                $error = 'Could not insert user because ' . mysql_error();
            }
            else
            {
                // redirect them to the user account page, because we successfully ran the SQL
                // notice how we haven't output ANYTHING to the browser yet- header() works
                header('Location: user.php');
                exit();
            }
        }
    	}
        else
        {
            $error = 'That email is already in use, please select a different one.';
        }

    }

}

// If they've posted but there was an error, kindly show their email address for them again.
if(isset($_POST['email']))
    $email = $_POST['email'];
else
    $email = '';

?>

Link to comment
Share on other sites

We appreciate you use the


tags but for codes that long, please use


tags. Thanks :)

 

The $product_name shouldn't be changed as it refers to the $_POST['email'] and that's what you want, right?

Change the "Registration" text to the subject of the email.

Change the "Something" text to the body message of the email.

 

Thank you for your help everything seems to be working now.

 

Just a quick question, can I just the remove the registration and something from the code. This is a registration script not a email script so I don't need that at all do I?

 

I would like to have a email sent to the user upon registration that just emails them their login information etc. Is that used for that?

 

-Thanks

Link to comment
Share on other sites

To remove it would I just change this:

 

if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name,"Registration","Something")) $error = "Invalid email";
	else {

 

to this

 

if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)||!mail($product_name)) $error = "Invalid email";
	else {

Link to comment
Share on other sites

*sighs*

 

Did you not read my post or read php.net?

 

The mail function needs to have the 3 non-optional fields! I have no idea why you would take out "Registration" and "Something" That means 1) the message doesn't have a title, which is Registration and that means that it can be considered as spam real easily; 2) the email has no body, meaning it's a blank message.

 

If you want that, here's the message I would get:

To: eureka@divinitycoding.net

Subject:

Body:

 

That's it.

 

If you want that, then you don't just delete them. You can however do this:

mail($product_name, "", "");

 

Please read my posts next time and not just scan it. Thank you.

Link to comment
Share on other sites

Please read my posts next time and not just scan it. Thank you.

 

*sighs*

 

You are not hearing what I am saying.

 

This is a registration form. This enters data like the email and desired password into my database (MySQL) so they can login to the site, it is NOT a mail form.

 

I needed a piece of code that would check to see if what they were entering into the email field is a email which it does and not just some phase like I was able to do before. You then posted the code above with the Registration and Something in it. I do not need all that because I am not sending emails just checking the script to see if this is an email they are entering into the database and not just putting in the field "Yada Yada Yada" with a password and submitting it into the database.

 

On down the road (way down the road) when I get all this finished I would like to be able to send an email after they register one day which is why I asked about that. I DO NOT need that any of that so that was why I was asking if it could be removed because all I need is the code to check if they are entering an email into the field and not some random words.

 

Make sense now?

 

Yes I did read your post and php.net, it had nothing to do with what I was asking and wanting so please do not talk down to me. Thank You.

 

 

Link to comment
Share on other sites

Right...okay. I'm sorry, but...oh nevermind that.

 

At best, you can check if the input the user puts is in email format. That doesn't necessarily mean it's a valid email though. But if you want, just do this:

 

if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)) $error = "Invalid email";

else {

 

That would remove the email.

Link to comment
Share on other sites

That doesn't necessarily mean it's a valid email though. But if you want, just do this:

 

if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i",$product_name)) $error = "Invalid email";

else {

 

That would remove the email.

 

 

Right I understand. Not really concerned if it is a valid email right now just as long as it is an email. I will cross that bridge when the time comes. I am just trying to get this up and going then go back and tweak it with features.

 

So that code you posted is pretty much how I figured it would be edited above right?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.